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AMENDMENTS TO THE CLAIMS 



1 - 5 (Cancelled). 

6. (Currently Amended) A computer implemented method of detecting privilege escalation 
vulnerabilities in a pre-existing source code listing, said source code listing having a listed sequence 
of expressions, each expression including a set of operands and operators to transform values of the 
operands, said source code listing further having routine calls, said routine calls including 
arguments with which to invoke a routine, said source code listing being stored in computer 
readable medium having computer executable instructions, wherein a privilege escalation 
vulnerability is an uncontrolled escalation of system privileges that allows unauthorized access to 
system resources, the computer implemented method comprising: 

executing computer instructions to provide providing a list specifying routines that 
potentially cause privilege escalation vulnerabilities; 

executing computer instructions to provide providing pre-specified ranges of 
values for arguments of routines in the list that cause privilege escalation 
vulnerabilities; 

executing computer instructions to analyze analyzing the source code listing to identify 
calls to routines specified in the list; 

executing computer instructions to analyz e analyzing the source code listing to 

semantically analyze arguments of the identified routine calls to determine routine 
calls that possess privilege escalation vulnerabilities using the pre-specified ranges 
of values; and 

executing computer instructions to generate generating a report that identifies the 
vulnerabilities. 



7. (Currently Amended) The method of claim 6 wherein executing computer instructions to 
semantically analyze analyzing the arguments of the identified routine calls comprises analyzing the 
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source code listing to create computer models of the arguments, each model specifying a range of 
values that each corresponding argument can take when the source code listing is executedj-said 
argument models being stored in computer memory . 

8. (Currently Amended) The method of claim 7, wherein analyzing the source code listing to 
create computer models of the arguments comprises: 

analyzing the source code listing to create computer models of said operands, each of 
said operand models specifying a range of values of each corresponding operand as 
a result of operand transformations expressed in the source code listin g, s ai d 
models being stored in computer memory ; and 

using the operand models to create the argument models. 

9-11 (Cancelled). 
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